Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/kjAbOnvcMkwbP0Zmyzf1NbaWJ_g.roa
File: kjAbOnvcMkwbP0Zmyzf1NbaWJ_g.roa (raw, json)
Hash identifier: xbuAFWjRYIhkZkMaO0dhNf8xuVIwvh/SZceeN43Weqg=
Subject key identifier: 92:30:1B:3A:7B:DC:32:4C:1B:3F:46:66:CB:37:F5:35:B6:96:27:F8
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 018B4E72EA778DE75B7AB25B728BD7C43F1A
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/kjAbOnvcMkwbP0Zmyzf1NbaWJ_g.roa
Signing time: Fri 20 Oct 2023 18:57:15 +0000
ROA not before: Fri 20 Oct 2023 18:57:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 188.191.96.0/24 maxlen: 24
188.191.100.0/24 maxlen: 24
188.191.107.0/24 maxlen: 24
91.225.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Dec 2023 20:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4e:72:ea:77:8d:e7:5b:7a:b2:5b:72:8b:d7:c4:3f:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Oct 20 18:57:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92301b3a7bdc324c1b3f4666cb37f535b69627f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d7:8f:a8:a6:5f:d1:49:45:fc:cd:d7:0b:6e:
f3:28:a5:28:09:af:e4:66:c7:38:81:60:58:7e:9d:
ae:fa:95:58:bc:11:10:16:c8:80:37:0f:69:7a:ab:
d0:07:f2:4e:39:97:43:0a:7d:82:b3:1a:21:c2:42:
6b:00:e6:4d:64:db:4d:a2:2f:99:a0:b2:85:3f:04:
ab:ba:53:a7:61:0d:46:89:30:cc:39:a7:b9:8d:bd:
02:a9:c6:d2:3a:29:6e:c9:e4:e7:14:eb:76:14:c9:
37:68:f2:d7:cf:b2:1c:0f:61:7f:da:9a:6d:09:41:
23:e0:d1:9c:19:54:2d:22:21:85:d4:c8:03:90:32:
3f:ca:00:fd:9e:68:90:2c:d6:ea:f2:b0:1d:fe:e4:
23:1c:2d:9c:9d:91:e8:5b:6b:90:ab:e4:f1:20:2e:
46:09:28:24:64:ef:71:c0:4a:87:e0:ac:bf:bc:20:
0d:03:f6:97:5d:d9:9f:9b:e1:b4:ee:b0:eb:b3:94:
39:14:18:64:98:de:7f:1f:e7:af:52:eb:5c:2d:ef:
90:eb:dd:b9:12:a7:e0:13:17:36:c0:25:86:e9:b8:
ba:82:71:5d:e3:b3:8a:72:0f:ed:fa:21:77:40:8f:
0b:45:b9:cc:b6:bb:11:ef:f6:60:79:5b:70:d1:39:
62:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:30:1B:3A:7B:DC:32:4C:1B:3F:46:66:CB:37:F5:35:B6:96:27:F8
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/kjAbOnvcMkwbP0Zmyzf1NbaWJ_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.225.0/24
188.191.96.0/24
188.191.100.0/24
188.191.107.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:eb:2c:a5:f3:45:be:6d:5d:41:e4:3c:3b:9f:32:93:9e:0b:
27:f8:26:7e:16:9d:70:c5:f3:14:fb:48:70:32:65:c2:d8:83:
fa:50:44:40:04:9b:03:df:19:fb:71:5d:ba:5d:b3:8a:34:e3:
fb:15:54:55:83:33:bc:a3:66:87:96:86:4c:4c:1e:28:41:72:
49:6e:79:d9:95:a3:2d:d3:c5:dc:52:61:9a:3f:13:7d:78:45:
cc:cd:96:3e:44:45:10:61:3a:54:8c:c1:77:b4:43:98:14:82:
0c:92:bb:bd:66:29:e6:84:e0:44:d8:51:a9:35:45:0e:c1:8d:
d9:5a:79:e0:dd:7e:58:5c:5c:c4:73:71:3b:46:48:4c:b8:3a:
67:bc:e2:e1:b3:38:de:a6:1d:35:23:3e:c4:8f:fd:c8:c7:5c:
d6:b3:76:c0:c9:a7:9c:ee:42:e8:8d:a3:88:96:6d:6d:34:7a:
86:ce:d4:ed:d0:bd:64:64:e3:99:3f:40:51:6d:4f:4e:a1:e6:
13:da:65:fc:97:65:27:a8:aa:33:e7:f7:80:5d:1e:40:cb:c6:
2b:1b:ba:00:c8:7c:37:1c:fa:ed:b0:e5:90:f7:ca:23:c7:69:
bc:75:3e:ba:e1:47:5b:4a:5b:ca:ed:03:98:35:d7:94:03:e9:
e0:bd:e0:ac
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtOcup3jedberJbcovXxD8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMxMDIwMTg1NzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjMwMWIzYTdiZGMzMjRjMWIzZjQ2NjZjYjM3ZjUzNWI2OTYyN2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9ePqKZf0UlF/M3XC27zKKUoCa/k
Zsc4gWBYfp2u+pVYvBEQFsiANw9peqvQB/JOOZdDCn2CsxohwkJrAOZNZNtNoi+Z
oLKFPwSrulOnYQ1GiTDMOae5jb0CqcbSOiluyeTnFOt2FMk3aPLXz7IcD2F/2ppt
CUEj4NGcGVQtIiGF1MgDkDI/ygD9nmiQLNbq8rAd/uQjHC2cnZHoW2uQq+TxIC5G
CSgkZO9xwEqH4Ky/vCANA/aXXdmfm+G07rDrs5Q5FBhkmN5/H+evUutcLe+Q6925
EqfgExc2wCWG6bi6gnFd47OKcg/t+iF3QI8LRbnMtrsR7/ZgeVtw0TliDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJIwGzp73DJMGz9GZss39TW2lif4MB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEva2pBYk9udmNNa3diUDBabXl6ZjFOYmFXSl9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+HhAwQA
vL9gAwQAvL9kAwQAvL9rMA0GCSqGSIb3DQEBCwUAA4IBAQBd6yyl80W+bV1B5Dw7
nzKTngsn+CZ+Fp1wxfMU+0hwMmXC2IP6UERABJsD3xn7cV26XbOKNOP7FVRVgzO8
o2aHloZMTB4oQXJJbnnZlaMt08XcUmGaPxN9eEXMzZY+REUQYTpUjMF3tEOYFIIM
kru9ZinmhOBE2FGpNUUOwY3ZWnng3X5YXFzEc3E7RkhMuDpnvOLhszjeph01Iz7E
j/3Ix1zWs3bAyaec7kLojaOIlm1tNHqGztTt0L1kZOOZP0BRbU9OoeYT2mX8l2Un
qKoz5/eAXR5Ay8YrG7oAyHw3HPrtsOWQ98ojx2m8dT664UdbSlvK7QOYNdeUA+ng
veCs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org